With many of us now using the internet to access our work, and spending ever more time online, cybercriminals have significantly increased their activity, observes Tim Mulley, Insurance Partner at Scrutton Bland. In a recent statement, president of the European Commission, Ursula von der Leyen warned: "They follow us online and exploit our concerns about the coronavirus. Our fear becomes their business opportunity."
In the past few weeks our IT, insurance and internal audit teams have all noted an increase in so-called "phishing" and ransomware emails both in private accounts and at work. And the UK’s Cyber Intelligence services have recently reported* a 400% increase in threatening emails attempting to extort money since the pandemic began.
We are seeing two key styles of email, the first intended to make the recipient feel afraid, and the second seeking to play on commercial or other COVID-related concerns by making ‘too good to be true’ offers. ‘Fearware’ emails are becoming ever more sophisticated, and are simply about the criminal sender making money out of the crisis.
Some emails suggest that they contain important updates about the COVID-19 outbreak; however, clicking links in the emails for further information will infect computers with malware, some of which can lock entire company networks. Others claim to have already hacked your computer and email accounts and make threats against you, claiming to know embarrassing secrets which will be made public if payment is not forthcoming.
Here, the sender has combined symbols with letters to fool the security software that protects email accounts, but it is still clearly readable by the recipient.
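For IT teams, one way to counter this symbol-for-letter trick is to normalise the text before checking it for alarm words. The sketch below is an added example, not part of the original article; the look-alike map, the keyword list and the sample messages are constructed assumptions.

```python
import unicodedata

# Assumed, non-exhaustive map of look-alike characters to the letters they imitate.
LOOKALIKES = str.maketrans({
    "0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "7": "t",
    "@": "a", "$": "s", "!": "i", "|": "l",
    # Cyrillic letters that render like Latin a, e, o, p, c
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
})

# Constructed keyword list and sample messages (illustrative only).
KEYWORDS = ("hacked", "payment", "bitcoin", "password")
SAMPLE_OBFUSCATED = "Y0ur acc\u043eunt has been h@cked. Send p\u0430yment in b!tc\u200boin"
SAMPLE_PLAIN = "Your account has been hacked"


def normalise(text):
    """Undo common disguises: accents, invisible characters, look-alike symbols."""
    # NFKD splits accented letters into base letter + combining mark.
    decomposed = unicodedata.normalize("NFKD", text)
    # Drop combining marks (Mn) and invisible format characters (Cf),
    # such as the zero-width space used to split a word.
    kept = "".join(
        ch for ch in decomposed
        if unicodedata.category(ch) not in ("Mn", "Cf")
    )
    return kept.lower().translate(LOOKALIKES)


def hidden_keywords(text, keywords=KEYWORDS):
    """Return keywords that appear only after normalisation.

    A keyword visible in the raw text is ordinary wording; one that shows up
    only once the disguises are removed suggests deliberate filter evasion.
    """
    plain = text.lower()
    cleaned = normalise(text)
    return [k for k in keywords if k in cleaned and k not in plain]


if __name__ == "__main__":
    print(normalise(SAMPLE_OBFUSCATED))
    print(hidden_keywords(SAMPLE_OBFUSCATED))
    print(hidden_keywords(SAMPLE_PLAIN))
```

Because digits are also mapped to letters, the normalised text is only suitable for keyword matching, not for display or for reading amounts.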
These messages are intended to cause fear, and are often accompanied by threats to harm the reader and their family unless payment is sent. Under no circumstances should you reply to these emails or click any ‘unsubscribe’ link, as this simply confirms that the email reached an active user and that sufficient concern was caused to prompt a response.
Instead, if you receive such emails, you should use your email software to block the sender and, if using a work system, check if your business protocols require you to report the email.
The second form of email currently popular with cybercriminals targets businesses and individuals concerned about their finances and investments. Emails promising to fast track access to government financial support will, if followed, lead to professional-looking websites set up to harvest your confidential business data, including banking information, allowing the criminals to use your details for fraudulent purposes. Other messages will offer those with investments depressed by the decline in the stock market immediate access to apparently guaranteed returns or investment funds which will take early advantage of any market improvement.
Using a combination of fear and ‘special offers’, some criminals use the very simple approach of offering limited availability products for sale, with no intention to fulfil orders. Products like face masks and other Personal Protective Equipment (PPE) are featuring regularly in such emails and the advice is simple: if the offer is not from a company you have done business with, or one whose mailing list you know you are on, ignore it. Better still, block all future emails from that sender.
For any emails purporting to be from national institutions, such as HMRC or other government departments, you should also report these cases to Action Fraud and the National Phishing Crime Bureau. Embedded links in email should not be clicked unless you are absolutely certain the email is valid.
The final element of advice from UK security services, especially during times when most, if not all, employees are working remotely, is protecting the integrity of business systems as a whole. Cybercriminals are taking advantage of reduced IT support staff to launch major hacking attacks on business servers and networks. Each employee plays a critical role in defending their company’s systems by ensuring that the content of suspect emails is never interacted with.
For business owners, additional peace of mind can be sought by way of cyber insurance products. Research by the Federation of Small Business has shown that smaller UK firms are targeted more often than large corporations; the latest figures (for 2018) showed that cyber crime cost small businesses some £5.3 billion in one year alone, and that figure has increased significantly since then. Whilst insurance cannot prevent business systems from attack – or an employee losing a mobile phone which has sensitive data on it – it can provide some reassurance that the interruption to your business’s ability to trade is protected. Additionally, your business will have rapid access to IT professionals and lawyers expert in dealing with the investigative and statutory issues arising from any data breach. Legislation provides significant safeguards for people whose data your business might hold and the financial implications of an uninsured data loss could be catastrophic for many small businesses. Finally, you might require PR advice to help contain and manage any potential public relations crisis and lessen any damage to your reputation.
*Advisory: COVID-19 exploited by malicious cyber actors, National Cyber Security Centre 8 April 2020